Maintaining a strong posture of readiness is the key to strong system and network security. Author and columnist Ed Tittel explains how security scanners check systems and networks for vulnerabilities, and provides pointers to numerous freeware security scanners you can use to assess your organization’s security posture. He also covers key local security scanners and subscription-based security scanning services, to help you decide what kinds of scanning options make the most sense for your needs.

As somebody who teaches classes on network and system security two or more
times a year, I'm always looking for ways to deliver telling information,
tips, and tricks related to the topic. Over the years, I've learned that
nothing succeeds in lodging useful information in students' minds like the
combination of good advice or information with a little bit of humor.
That's how I originated what I call the "Inverse Golden Rule" of
network and system security, namely: "Do unto yourself before others
can do unto you." I now abbreviate the Inverse Golden Rule as IGR, in
keeping with technologists' desires to coin new acronyms (or
"initialisms") at the slightest provocation.

If you stop to think about what the IGR really means, it makes a lot of
sense. In the plainest terms possible, the IGR can be stated as, "check
your own systems and networks for vulnerability to newly documented attacks and
exploits as soon as possible. Do the same for other weaknesses, such as
back doors, malicious code, and any other potential source of compromise or
exposure." In addition to the IGR, I'll also cover a few other related
maxims for network security, recognizing that not everyone has all the time in
the world to attack and armor-plate their networks and systems whenever threats
loom large.

Administrator, Attack Thyself!

In fact, a literal interpretation of the IGR is likely to be hard to enact.
That's why a more realistic implementation of any IGR strategy is to make
regular security scans part of your routine network and system maintenance
regime. Then, you can save literal application of the IGR for dire cases
when threats are both immediate and serious. Even then, I urge you to launch
such attacks only against non-production systems in an isolated lab environment.
Learning that an attack has serious consequences for your networks and systems
is bad enough; it is worse still if you also have to own up to perpetrating
that attack in the first place!

Security scanning software comes in many different forms, from local tools you
run yourself to subscription services that scan you from the outside, but what
it does is best explained by analogy: what an anti-virus program is to viruses,
Trojans, and so forth, a security scanner is to known security weaknesses. That
is, a scanner probes the targeted networks and/or systems and checks them
against a catalog of documented exploits, break-ins, attacks, back doors, and
other known points of illicit entry or exposure; like anti-virus software, it
finds only what it has a test or signature for. Such software even checks for
vulnerability to denial of service attacks, which don't compromise systems but
are still potentially serious because they can take systems and networks
completely out of service. Bear in mind that a denial of service test can do
exactly that to its target, which is one more reason to point it at lab systems
first.